bankr-signals

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a bash script scripts/publish-signal.sh that executes node -e for message signing and curl for API communication. HEARTBEAT.md includes shell commands and an inline Python snippet for processing leaderboard data.
  • [DATA_EXFILTRATION]: The skill requires sensitive inputs including a PRIVATE_KEY environment variable and an API key stored in ~/.clawdbot/skills/bankr/config.json. These are used to authenticate with the vendor's services (api.bankr.bot and bankrsignals.com).
  • [PROMPT_INJECTION]: The agent processes signal data from an external feed to influence trading actions.
      • Ingestion points: Signal data is fetched from https://bankrsignals.com/api/feed as described in HEARTBEAT.md.
      • Boundary markers: The skill lacks explicit boundary markers for the ingested signal reasoning text, though it encourages structural filtering.
      • Capability inventory: The skill uses scripts/publish-signal.sh to execute signing and network operations via subprocesses.
      • Sanitization: The skill suggests validating signals against on-chain transaction hashes (txHash) and provider performance metrics as a mitigation strategy.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 11:46 PM